Youtube channel !

Be sure to visit my youtube channel

Wednesday, April 06, 2022

Install WIFI on Ubuntu linux via terminal


 

Steps:

with lsusb we can first see if the device is recognised correctly.

then type: iwconfig then use the Tab key to get to your device name

then edit /etc/wpa_supplicant/wpa.conf

and place there:

network={

ssid="network_id",

psk="encoded_password"

(you need to supply your own network_id and encoded_password,

you can get the encoded_password by typing:

sudo wpa_passphrase your_ssid

then type a password

and you'll get sample config file with the encoded password, you can overwrite the original file with.

Next: start the wpa supplicant with:

suto wpa_supplicant -Dnext -iwxl...(wifi interface id) -cwpa.conf

 

Enjoy!

Laravel RabbitMQ queues


 

In order to connect Laravel with RabbitMQ we will need the following library:

composer require vladimir-yuldashev/laravel-queue-rabbitmq
then
in config/queue.php add the following configuration:
'connections' => [
    // ...

    'rabbitmq' => [
    
       'driver' => 'rabbitmq',
       'queue' => env('RABBITMQ_QUEUE', 'default'),
       'connection' => PhpAmqpLib\Connection\AMQPLazyConnection::class,
   
       'hosts' => [
           [
               'host' => env('RABBITMQ_HOST', '127.0.0.1'),
               'port' => env('RABBITMQ_PORT', 5672),
               'user' => env('RABBITMQ_USER', 'guest'),
               'password' => env('RABBITMQ_PASSWORD', 'guest'),
               'vhost' => env('RABBITMQ_VHOST', '/'),
           ],
       ],
   
       'options' => [
           'ssl_options' => [
               'cafile' => env('RABBITMQ_SSL_CAFILE', null),
               'local_cert' => env('RABBITMQ_SSL_LOCALCERT', null),
               'local_key' => env('RABBITMQ_SSL_LOCALKEY', null),
               'verify_peer' => env('RABBITMQ_SSL_VERIFY_PEER', true),
               'passphrase' => env('RABBITMQ_SSL_PASSPHRASE', null),
           ],
           'queue' => [
               'job' => VladimirYuldashev\LaravelQueueRabbitMQ\Queue\Jobs\RabbitMQJob::class,
           ],
       ],
   
       /*
        * Set to "horizon" if you wish to use Laravel Horizon.
        */
       'worker' => env('RABBITMQ_WORKER', 'default'),
        
    ],

    // ...    
], 
 
then you need to edit the .env file, supplying your settings under the rabbitMQ section:
RABBITMQ_HOST, RABBITMQ_PORT, RABBITMQ_USER, RABBITMQ_PASSWORD, RABBITMQ_VHOST 

also for the QUEUE_CONNECTION you should supply: rabbitmq

Now lets create a job in the terminal with:

php artisan make:job TestJob
it will handle all the incoming queue events. It's contents under /jobs:
private $data;
    /**
     * Create a new job instance.
     *
     * @return void
     */
    public function __construct($data)
    {
        //
         $this->data = $data;
    }

    /**
     * Execute the job.
     *
     * @return void
     */
    public function handle()
    {
        print_r($this->data);
    } 
 
Finally we connect and run the created above job handler in order to handle event. Inside EventServiceProvider.php
inside the boot() function add:
$this->app->bind(
TestJob::class."@handle",
fn($job)=>{$job->handle()} // this will run the handle() function from above.
Then inside of a controller you can run:
use App\Jobs\TestJob;
TestJob::Dispatch('hello'); 
you can see inside of the queue with: php artisan queue:work

Cheers!

Install Angular Material on Ubuntu

Here is how to install Angular Material on Ubuntu:

 

1. Install NODEJS/NPM

inside of a terminal type: sudo apt install nodejs

as an alternative you can use nvm:

curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.1/install.sh | bash 

then just type: nvm install --lts

this will download install and use latest long-term supported version of node.

 

2. Install the angular CLI

with npm i -g @angular/cli

 

3. Create new project: ng new myproject

 

4. Add Material Design: ng add @angular/material

 

5. Restart ng serve if running and enjoy your Material enabled project!

Tuesday, March 29, 2022

Ubuntu: how to restore packages after interrupted apt upgrade

Often you might stop running apt update && apt dist-upgrade.

Here is the one-line command that will resume reinstalling the unfinished, or half-configured packages for you. It creates list of packages which can be passed to apt install:  

grep  "08:18:.* half-configured"  /var/log/dpkg.log.1 /var/log/dpkg.log |  awk '{printf "%s ", $5}'

first part of the command will grab only half-configured packages, while the second part will grab just the package name.

Here is the command in full:

sudo apt install --reinstall $(grep  "08:18:.* half-configured"  /var/log/dpkg.log.1 /var/log/dpkg.log |  awk '{printf "%s ", $5}')

You can configure 08:18 with the time you know the packages were interrupted form installing.

Best luck!

Monday, March 28, 2022

Wordpress customizations inside functions.php

Here are few tips on how to customize your Wordpress, without having to resort to plugins, just insert the following php code inside your functions.php file. I will be adding more.

Redirect inner page to outer domain:
add_action('template_redirect','redirect_from_to');
function redirect_from_to(){
  if (is_page('mypage')){
    wp_redirect('http://www.google.com',301);
    exit()
  }
}
Note: mypage must be created in order for the redirect to work.


Allow svg files to be uploaded:

function cc_mime_types($mimes){

$mimes['svg']='image/svg';

return $mimes;

}

add_filter('upload_mimes','cc_mime_types');


Cheers!

Monday, February 22, 2021

Debug Laravel / PHP applications with XDebug in VSCODE

We will setup debugging using xdebug with PHP inside of visual studio code. 

Quick setup:

1) install php-xdebug:

sudo apt install php-xdebug

2) inside of php.ini at the end of the file set: 

[xdebug] 

xdebug.start_with_request = yes 

xdebug.mode = debug 

xdebug.discover_client_host = false 

3) install php debug extension in VSCODE and set the port of the vscode php debug extension to 9003.

Now you can press F5 and start debugging.

 

 

 

Alternatively you can install xdebug using pecl. 

The setup is valid for Ubuntu both on bare-metal as well as under Windows 10 with WSL.

Enjoy !

Sunday, September 27, 2020

JWT - JSON WEB TOKENS security

Refresh tokens are helpful stateless technology, because they have longer time of expiry than the secure tokens, and can be used to send requests back to the server for reissuing of normal secure tokens. 

The primary aim of a refresh token is to regenerate the authentication for the user in such way, that the user doesn't need to manually re-login into the system.

The flow of using refresh together with secure tokens is the following: Initially we're making a request containing valid combination of user/password payload to a server. After performing checks the server is generating and returning to us a pair of secure and refresh tokens. It is sending the refresh token as an http only cookie, which cannot be read or modified by the browser. Later in the process of work, when the secure token is about to expire we use the cookie containing the refresh token information to make request to the server. The server checks its validity in its database and sends back to the client a new pair of refresh secure tokens. 

In summary we use refresh tokens when our access token is expired, and we would like to renew it as well as to renew the refresh token. That is why it has longer expiration time than the access token. Keep in mind that, when the refresh token is expired we need to manually re-login the user. For the technical implementation of refresh tokens is very good if you manage to place the refresh token inside of http-only cookie, because on the client side JavaScript and other techniques cannot exploited to modify this type of cookie. In rare cases, if attackers send a refresh request to the server they cannot get the newly issued secure token. If you would like to increase the security of the generated tokens you can also include browser and os fingerprinting inside of the token payload. 

For the authentication server it is good it can perform the following specific actions: to be able to generate access and refresh tokens to revoke tokens(to delete the refresh token). When a refresh token is generated it usually goes through the following process: check whether there is an user id in the internal database with a token, check the validity of the token, check the number of tokens for this user: how many they are, because one user can generate and overflow our database and this is also a type of an attack. When everything is ready we can save the newly generated token into our database.


 

Access token is used when performing service requests

secret key is stored both in the server and in the JWT payload:
const Token = jwt.sign(
{ user: myUser }, // payload
jwtSecretKey,
{ expiresIn: '30d' }
);
on client side resides in local storage

 

1) Client side authentication - POST request to get the token:
payload: {
‘username:req.body.user’,
’password:req.body.password’
}

Response
Bearer: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwMSIsIm5hbWUiOiJKb2huIERvZSIsImlhdC

2) Client side: request + Authorization header
fetch(url, {
        method: 'GET',
        withCredentials: true,
        credentials: 'include',
        headers: {
            'Authorization': bearer,
        }
    })

request service with the token:
3) Server side authorization -
// const token = req.get('Authorization');
// token = token.slice(7, token.length);

app.route(‘/secret_url’).post(
jwtVerifier,
(req,res)=>res.send(‘info’)); // secret information

 


Refresh token is used when access token is expired in order to produce new access and refresh tokens.

  • has longer expire time than the access token, if expires the user is logged out.
  • on client side resides in httponly cookie, so client cannot modify it (attacker cannot get the new JWT refresh token)
  • includes browser fingerprint for extra security


The auth server can perform specific actions:

  • generate new access and refresh tokens
  • refresh tokens:
    •  check the user_id from the http transmitted refresh token cookie against internal refresh tokens list in order to regenerate new access & refresh tokens:
      • check refresh token validity (by comparing user_id inside the issued token list for the requested user)
      • prune the number of generated refresh tokens (because the user can be logged in from different devices)
      • save in a db the generated refresh tokens
  • revoke token (delete refresh token)

The practical implementation of both JWT secure and refresh tokens can be seen in these 2 courses:

Angular with PHP and JSON web tokens (JWT)

JavaScript User Authentication Login Script (JWT)

 

Congratulations !

 

Subscribe To My Channel for updates

Integrating AI code helpers into Visual Studio Code

In this guide, we’ll walk through setting up a local AI-powered coding assistant within Visual Studio Code (VS Code). By leveraging tools s...